A bit of googling can do magic: "cryptographic function in php". First hit is php.net/crypto, which seems to be exactly what you're looking for. As for "What's the strongest" - just go with something normal like AES or RC4.
– Luc Jan 1 '13 at 20:19

1

If you're talking about symmetric encryption probably AES-CBC with random IV together with HMAC-SHA2 in an encrypt-then-mac scheme.
– CodesInChaos Jan 1 '13 at 20:20

@CodesInChaos If you simply encrypt something with AES I don't see how you could break it. Also, why the HMAC-SHA2?
– Luc Jan 1 '13 at 20:24

@Luc Because else you can probably use a padding oracle (or something similar) to convince the server to decrypt a message for you. Unauthenticated encryption is often vulnerable to active attacks.
– CodesInChaos Jan 1 '13 at 20:27

2 Answers
2

As encryption primitive I'd use AES. Both AES-128 and AES-256 are strong enough. Numerically AES-256 is stronger, but it's very unlikely that AES-128 is the weakest point in your system.

Since PHP doesn't seem to support an authenticated encryption mode, you need to build that yourself. I'd use HMAC-SHA-256, possibly truncated to 128 bits.

To combine these operations I'd:

1. Generate a new random IV with mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)

2. Encrypt the message with AES in CBC mode with that IV
   - Note that AES is always MCRYPT_RIJNDAEL_128 even with 256 bit keys
   - PHP uses zero padding by default which cannot be unambiguously removed. A better padding is PKCS#7, but you'll need to add/remove it yourself. There are many existing implementations for that.

3. Concatenate the IV and the ciphertext

4. Calculate HMAC-SHA-256 on the result of step 3 (MAC must include both IV and padding)

5. Concatenate the result of step 3 with the MAC

To decrypt:

1. Verify the MAC in a way that's resistant to timing attacks

2. Extract the IV from the ciphertext

3. Decrypt the message

This is an encrypt-then-MAC scheme. It's recommended to use different keys for MAC and encryption. I recommend deriving both from a master key.
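
The steps above as an added example (not code from the original answer): it uses the openssl extension in place of mcrypt, which was removed from PHP core in 7.2, and lets `openssl_encrypt` apply PKCS#7 padding. The function names, the HKDF key derivation and the untruncated 32-byte MAC are this example's assumptions.

```php
<?php
// Added example, not from the original answer. Assumes PHP >= 7.1.2 with ext-openssl.
function derive_keys(string $masterKey): array
{
    // Separate encryption and MAC keys from one master key (HKDF is this example's choice).
    return [hash_hkdf('sha256', $masterKey, 32, 'enc'), hash_hkdf('sha256', $masterKey, 32, 'mac')];
}

function etm_encrypt(string $plaintext, string $masterKey): string
{
    [$encKey, $macKey] = derive_keys($masterKey);
    $iv = random_bytes(16);                                  // step 1: fresh random IV
    // Step 2: AES-256-CBC; OPENSSL_RAW_DATA gives raw bytes, PKCS#7 padding is the default.
    $ct = openssl_encrypt($plaintext, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    $body = $iv . $ct;                                       // step 3: IV || ciphertext
    $mac = hash_hmac('sha256', $body, $macKey, true);        // step 4: MAC covers IV and padding
    return $body . $mac;                                     // step 5: append the MAC
}

function etm_decrypt(string $message, string $masterKey): string
{
    [$encKey, $macKey] = derive_keys($masterKey);
    if (strlen($message) < 64) { // 16-byte IV + at least one 16-byte block + 32-byte MAC
        throw new RuntimeException('message too short');
    }
    $body = substr($message, 0, -32);
    $mac = substr($message, -32);
    // Verify the MAC before any decryption; hash_equals compares in constant time.
    if (!hash_equals(hash_hmac('sha256', $body, $macKey, true), $mac)) {
        throw new RuntimeException('MAC verification failed');
    }
    $pt = openssl_decrypt(substr($body, 16), 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, substr($body, 0, 16));
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

// Constructed sample input: round trip, then a one-bit change to the ciphertext.
$master = random_bytes(32);
$msg = etm_encrypt('constructed sample message', $master);
var_dump(etm_decrypt($msg, $master) === 'constructed sample message');
$msg[20] = chr(ord($msg[20]) ^ 1);
try {
    etm_decrypt($msg, $master);
} catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```

Because the MAC is checked before `openssl_decrypt` runs, a modified message is rejected without the padding ever being examined, which is what closes the padding-oracle route mentioned in the comments.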

There are cryptographic standards, which are language independent, therefore I advise using AES.

EDIT

A PHP library that supports this is MYCRYPT. You should be using AES with a 128 or 256 bit key size (since you want the strongest possibility, use the 256) and you should also use OCB mode when possible (there are patents on it unfortunately) and otherwise CBC. More info on modes can be found here.

The library is a standard PHP library that's been in active use for over 8 years (so it's not something untested). I checked on Stack Overflow if it's common to show up in PHP crypto questions and it seems to be the most used.
– Lucas Kauffman Jan 2 '13 at 10:43

Thanks Lucas for the information! The Stack Overflow link was awesome as well!
– Mahdi Jan 3 '13 at 10:45

2

There is no AES with 256 bit blocks. Rijndael supports 256 bit blocks, but AES is restricted to 128 bit blocks. Remember that block and key size are independent, AES-256 has a 256 bit key but 128 bit blocks.
– CodesInChaos Sep 4 '14 at 11:08